VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with password 'infected' or 'virus'.

Language
Server load
Server Load
Keygen-1.8.2.exe    Threatbook file behavior analysis report
Virscan.org multi-engine scan report
Behavior analysis report:         Habo file analysis
Basic Information
file name:Keygen-1.8.2.exe
file type:EXEx86
Submission time:2018-10-04 07:00:50
Threat level:clean
MD5:047fa4f016d7ca76214bbf3c299931e9
sha256:05be4c622805d60cf9e29b009b4bd7f577ca2e3c7b67abe99ded3ce874180d70
Document Threat Intelligence IOC Report
No intelligence IOC detected
Intelligence decision system
Undetected intelligence determination system
Network behavior report
domains:0
dns:0
http:0
Document release report
File release report not detected
File process number report
Process details:0
Document behavior signature report
Static information
PE section table information
Section name:.text
Virtual address:0x00001000
Physical address:0x00000400
Physical size:0x00074200
Section permissions:R-E
Section name:.itext
Virtual address:0x00076000
Physical address:0x00074600
Physical size:0x00000a00
Section permissions:R-E
Section name:.data
Virtual address:0x00077000
Physical address:0x00075000
Physical size:0x00002600
Section permissions:RW-
Section name:.bss
Virtual address:0x0007a000
Physical address:0x00077600
Physical size:0x00000000
Section permissions:RW-
Section name:.idata
Virtual address:0x0007f000
Physical address:0x00077600
Physical size:0x00002800
Section permissions:RW-
Section name:.tls
Virtual address:0x00082000
Physical address:0x00079e00
Physical size:0x00000000
Section permissions:RW-
Section name:.rdata
Virtual address:0x00083000
Physical address:0x00079e00
Physical size:0x00000200
Section permissions:R--
Section name:.reloc
Virtual address:0x00084000
Physical address:0x0007a000
Physical size:0x00006c00
Section permissions:R--
Section name:.rsrc
Virtual address:0x0008b000
Physical address:0x00080c00
Physical size:0x0001e200
Section permissions:R--
PE basic information
import_hash:32a20fe2f9b5a3eb23f215802930fad1
time_stamp:2016-03-04 21:19:26
entry_point_section:.itext
entry_point_section:.itext
image_base:0x400000
entry_point:0x767dc
PE resource information
name:RT_CURSOR
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x0008b958
size:0x00000134
name:RT_CURSOR
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x0008ba8c
size:0x00000134
name:RT_CURSOR
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x0008bbc0
size:0x00000134
name:RT_CURSOR
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x0008bcf4
size:0x00000134
name:RT_CURSOR
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x0008be28
size:0x00000134
name:RT_CURSOR
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x0008bf5c
size:0x00000134
name:RT_CURSOR
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x0008c090
size:0x00000134
name:RT_ICON
language:LANG_HUNGARIAN
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_DEFAULT
offset:0x0008c1c4
size:0x00000128
name:RT_ICON
language:LANG_HUNGARIAN
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_DEFAULT
offset:0x0008c2ec
size:0x00000368
name:RT_ICON
language:LANG_HUNGARIAN
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_DEFAULT
offset:0x0008c654
size:0x00000468
name:RT_ICON
language:LANG_HUNGARIAN
filetype:data
sublanguage:SUBLANG_DEFAULT
offset:0x0008cabc
size:0x000002e8
name:RT_ICON
language:LANG_HUNGARIAN
filetype:data
sublanguage:SUBLANG_DEFAULT
offset:0x0008cda4
size:0x00000ca8
name:RT_ICON
language:LANG_HUNGARIAN
filetype:data
sublanguage:SUBLANG_DEFAULT
offset:0x0008da4c
size:0x000010a8
name:RT_ICON
language:LANG_HUNGARIAN
filetype:dBase IV DBT of `.DBF, blocks size 48, block length 1536, next free block index 40
sublanguage:SUBLANG_DEFAULT
offset:0x0008eaf4
size:0x00000668
name:RT_ICON
language:LANG_HUNGARIAN
filetype:data
sublanguage:SUBLANG_DEFAULT
offset:0x0008f15c
size:0x00001ca8
name:RT_ICON
language:LANG_HUNGARIAN
filetype:dBase IV DBT of `.DBF, blocks size 48, next free block index 40, 1st item \"OOO377OOO377OOO377PPP377QQQ377SSS377NNN377;;;377\036\036\036340\002\002\002230\"
sublanguage:SUBLANG_DEFAULT
offset:0x00090e04
size:0x000025a8
name:RT_ICON
language:LANG_HUNGARIAN
filetype:FoxPro FPT, blocks size 0, next free block index 671088640
sublanguage:SUBLANG_DEFAULT
offset:0x000933ac
size:0x00000a68
name:RT_ICON
language:LANG_HUNGARIAN
filetype:FoxPro FPT, blocks size 0, next free block index 671088640
sublanguage:SUBLANG_DEFAULT
offset:0x00093e14
size:0x00003228
name:RT_ICON
language:LANG_HUNGARIAN
filetype:FoxPro FPT, blocks size 0, next free block index 671088640
sublanguage:SUBLANG_DEFAULT
offset:0x0009703c
size:0x00004228
name:RT_STRING
language:LANG_NEUTRAL
filetype:Hitachi SH big-endian COFF object, not stripped
sublanguage:SUBLANG_NEUTRAL
offset:0x0009b264
size:0x0000030c
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x0009b570
size:0x0000009c
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x0009b60c
size:0x000000ec
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x0009b6f8
size:0x000003d4
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x0009bacc
size:0x000003a4
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x0009be70
size:0x00000370
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x0009c1e0
size:0x000003cc
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x0009c5ac
size:0x00000214
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x0009c7c0
size:0x000000cc
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x0009c88c
size:0x00000194
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x0009ca20
size:0x000003c4
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x0009cde4
size:0x00000338
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x0009d11c
size:0x00000294
name:RT_RCDATA
language:LANG_NEUTRAL
filetype:Sendmail frozen configuration
sublanguage:SUBLANG_NEUTRAL
offset:0x0009d3b0
size:0x00000010
name:RT_RCDATA
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x0009d3c0
size:0x00000260
name:RT_RCDATA
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x0009d620
size:0x0000b344
name:RT_GROUP_CURSOR
language:LANG_ENGLISH
filetype:Lotus 1-2-3
sublanguage:SUBLANG_ENGLISH_US
offset:0x000a8964
size:0x00000014
name:RT_GROUP_CURSOR
language:LANG_ENGLISH
filetype:Lotus 1-2-3
sublanguage:SUBLANG_ENGLISH_US
offset:0x000a8978
size:0x00000014
name:RT_GROUP_CURSOR
language:LANG_ENGLISH
filetype:Lotus 1-2-3
sublanguage:SUBLANG_ENGLISH_US
offset:0x000a898c
size:0x00000014
name:RT_GROUP_CURSOR
language:LANG_ENGLISH
filetype:Lotus 1-2-3
sublanguage:SUBLANG_ENGLISH_US
offset:0x000a89a0
size:0x00000014
name:RT_GROUP_CURSOR
language:LANG_ENGLISH
filetype:Lotus 1-2-3
sublanguage:SUBLANG_ENGLISH_US
offset:0x000a89b4
size:0x00000014
name:RT_GROUP_CURSOR
language:LANG_ENGLISH
filetype:Lotus 1-2-3
sublanguage:SUBLANG_ENGLISH_US
offset:0x000a89c8
size:0x00000014
name:RT_GROUP_CURSOR
language:LANG_ENGLISH
filetype:Lotus 1-2-3
sublanguage:SUBLANG_ENGLISH_US
offset:0x000a89dc
size:0x00000014
name:RT_GROUP_ICON
language:LANG_HUNGARIAN
filetype:MS Windows icon resource - 12 icons, 64x64, 16-colors
sublanguage:SUBLANG_DEFAULT
offset:0x000a89f0
size:0x000000ae
name:RT_MANIFEST
language:LANG_ENGLISH
filetype:XML document text
sublanguage:SUBLANG_ENGLISH_US
offset:0x000a8aa0
size:0x000002f0
name:RT_MANIFEST
language:LANG_HUNGARIAN
filetype:XML document text
sublanguage:SUBLANG_DEFAULT
offset:0x000a8d90
size:0x00000352

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号